Alerting

Alerts: Webhook Trigger Action and Slack Incoming WebHooks Custom Integration

dwspncr
Explorer

I have an Alert that successfully creates an entry in Trigger History via the "Add to Triggered Alerts" Trigger Action; however, the Webhook Trigger Action for the same Alert does not appear to fire.

The webhook URL (of the form https://hooks.slack.com/services/#########/#########/########################) is generated by Slack's Incoming WebHooks Custom Integration, and making a curl request to it is successful.

Any suggestions on how to debug this are appreciated.

dwspncr
Explorer

Using the Slack Webhook Alert add-on, as @aaraneta mentions, works.

I'm still not entirely satisfied, though, as all the documentation that I've read seem to indicate that "standard" webhooks should work.

chadwell
Explorer

I'm hoping someone can answer this.

Using the provided 'webhook' functionality (without any additional apps etc) - how can we POST to a slack web hook.

I can use Postman on my laptop to post to the slack channel without issue. But when the splunk alert is triggered the webhook seems to do nothing.

Any ideas?>

0 Karma

known_user
Engager

How can we integrate without having to configure anything at the splunk enterprise level?

0 Karma

aaraneta_splunk
Splunk Employee
Splunk Employee

@dwspncr - Are you using the Slack Webhook Alert add-on in Splunkbase? Or a different Slack related app/add-on in Splunkbase? I just want to make sure your post is tagged appropriately for best visibility. Thank you.

0 Karma

dwspncr
Explorer

No add-ons. I was hoping to get it to work using a plain webhook post to Slack.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...